- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : null,
- "returns" : {
- "type" : "null"
- }
- },
- "GET" : {
- "description" : "Get single rule data.",
- "method" : "GET",
- "name" : "get_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "proxyto" : null,
- "returns" : {
- "properties" : {
- "pos" : {
- "type" : "integer"
- }
- },
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Modify rule data.",
- "method" : "PUT",
- "name" : "update_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string"
- },
- "enable" : {
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string"
- },
- "macro" : {
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string"
- },
- "moveto" : {
- "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string"
- },
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Mark replication job for removal.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "force" : {
+ "default" : 0,
+ "description" : "Will remove the jobconfig entry, but will not cleanup.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
+ "id" : {
+ "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
+ "format" : "pve-replication-job-id",
+ "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
+ "type" : "string"
},
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
- "GET" : {
- "description" : "List rules.",
- "method" : "GET",
- "name" : "get_rules",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "proxyto" : null,
- "returns" : {
- "items" : {
- "properties" : {
- "pos" : {
- "type" : "integer"
- }
- },
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{pos}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- },
- "POST" : {
- "description" : "Create new rule.",
- "method" : "POST",
- "name" : "create_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string"
- },
- "enable" : {
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string"
- },
- "macro" : {
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string"
- },
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
- "type" : "string"
- },
- "type" : {
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 0,
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : null,
- "returns" : {
- "type" : "null"
+ "keep" : {
+ "default" : 0,
+ "description" : "Keep replicated data at target (do not remove).",
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "disable" : {
+ "description" : "Flag to disable/deactivate the entry.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
+ "format" : "pve-replication-job-id",
+ "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
"type" : "string"
},
- "rename" : {
- "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
- "maxLength" : 18,
- "minLength" : 2,
+ "rate" : {
+ "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
+ "minimum" : 1,
"optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "type" : "number",
+ "typetext" : "<number> (1 - N)"
+ },
+ "remove_job" : {
+ "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
+ "enum" : [
+ "local",
+ "full"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "schedule" : {
+ "default" : "*/15",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
},
+ "POST" : {
+ "description" : "Create a new replication job",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable/deactivate the entry.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
+ "format" : "pve-replication-job-id",
+ "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
+ "type" : "string"
+ },
+ "rate" : {
+ "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (1 - N)"
+ },
+ "remove_job" : {
+ "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
+ "enum" : [
+ "local",
+ "full"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "schedule" : {
+ "default" : "*/15",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Source of the replication.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "Target node.",
+ "format" : "pve-node",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Section type.",
+ "enum" : [
+ "local"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/storage",
+ [
+ "Datastore.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/replication",
+ "text" : "replication"
+ },
+ {
+ "children" : [
{
"children" : [
{
"info" : {
"DELETE" : {
- "description" : "Delete rule.",
+ "description" : "Removes a node from the cluster configuration.",
"method" : "DELETE",
- "name" : "delete_rule",
+ "name" : "delnode",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
"protected" : 1,
- "proxyto" : null,
"returns" : {
"type" : "null"
}
},
- "GET" : {
- "description" : "Get single rule data.",
- "method" : "GET",
- "name" : "get_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "proxyto" : null,
- "returns" : {
- "properties" : {
- "pos" : {
- "type" : "integer"
- }
- },
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Modify rule data.",
- "method" : "PUT",
- "name" : "update_rule",
+ "POST" : {
+ "description" : "Adds a node to the cluster configuration.",
+ "method" : "POST",
+ "name" : "addnode",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "force" : {
+ "description" : "Do not throw error if node already exists.",
"optional" : 1,
- "type" : "string"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string"
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
},
- "enable" : {
- "minimum" : 0,
+ "nodeid" : {
+ "description" : "Node id for this node.",
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string"
+ "typetext" : "<integer> (1 - N)"
},
- "macro" : {
- "maxLength" : 128,
+ "ring0_addr" : {
+ "default" : "Hostname of the node",
+ "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
+ "format" : "address",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "moveto" : {
- "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
- "minimum" : 0,
+ "ring1_addr" : {
+ "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
+ "format" : "address",
"optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "pos" : {
- "description" : "Update rule at position <pos>.",
+ "votes" : {
+ "description" : "Number of votes for this node",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "properties" : {
+ "corosync_authkey" : {
"type" : "string"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Get information needed to join this cluster over the connected node.",
+ "method" : "GET",
+ "name" : "join_info",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
+ "node" : {
+ "default" : "current connected node",
+ "description" : "The node for which the joinee gets the nodeinfo. ",
+ "format" : "pve-node",
"optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "config_digest" : {
"type" : "string"
},
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
+ "format" : "address",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
+ "preferred_node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
"type" : "string"
},
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
+ "totem" : {
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "description" : "Joins this node into an existing cluster.",
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
+ "force" : {
+ "description" : "Do not throw error if node already exists.",
"optional" : 1,
- "type" : "string"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "macro" : {
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string"
+ "hostname" : {
+ "description" : "Hostname (or IP) of an existing cluster member.",
+ "type" : "string",
+ "typetext" : "<string>"
},
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
+ "nodeid" : {
+ "description" : "Node id for this node.",
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (1 - N)"
},
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string"
+ "password" : {
+ "description" : "Superuser (root) password of peer node.",
+ "maxLength" : 128,
+ "type" : "string",
+ "typetext" : "<string>"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "ring0_addr" : {
+ "default" : "IP resolved by node's hostname",
+ "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
+ "format" : "address",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
+ "ring1_addr" : {
+ "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
+ "format" : "address",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "type" : {
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 0,
- "type" : "string"
+ "votes" : {
+ "description" : "Number of votes for this node",
- "description" : "Update IP or Network settings",
+ "description" : "Modify rule data.",
"method" : "PUT",
- "name" : "update_ip",
+ "name" : "update_rule",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
"comment" : {
+ "description" : "Descriptive comment.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
"minLength" : 2,
"pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
- "nomatch" : {
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "moveto" : {
+ "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
"minLength" : 2,
"pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
- "nomatch" : {
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
"minLength" : 2,
"pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
"rename" : {
- "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
- "maxLength" : 64,
+ "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDR",
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
"comment" : {
+ "description" : "Descriptive comment.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
- "rename" : {
- "description" : "Rename an existing alias.",
- "maxLength" : 64,
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
"minLength" : 2,
"optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/firewall/aliases/{name}",
- "text" : "{name}"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "List aliases",
- "method" : "GET",
- "name" : "get_aliases",
- "parameters" : {
- "additionalProperties" : 0
- },
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "moveto" : {
+ "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDR",
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
},
"comment" : {
+ "description" : "Descriptive comment.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
"minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
+ "method" : "GET",
+ "name" : "refs",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list references of specified type.",
+ "enum" : [
+ "alias",
+ "ipset"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
},
- "tmpdir" : {
- "description" : "Store temporary files to specified directory.",
- "optional" : 1,
- "type" : "string"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
},
- "vmid" : {
- "description" : "The ID of the guest system you want to backup.",
- "format" : "pve-vmid-list",
- "optional" : 1,
- "type" : "string"
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "type" : "string"
+ },
+ "ref" : {
+ "type" : "string"
+ },
+ "type" : {
+ "enum" : [
+ "alias",
+ "ipset"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
}
}
},
+ "leaf" : 1,
+ "path" : "/cluster/firewall/refs",
+ "text" : "refs"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
+ "user" : "all"
},
- "protected" : 1,
"returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/backup",
- "text" : "backup"
- },
- {
- "children" : [
- {
- "children" : [
- {
- "children" : [
- {
- "info" : {
- "POST" : {
- "description" : "Request resource migration (online) to another node.",
- "method" : "POST",
- "name" : "migrate",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "description" : "Backup all known guest systems on this host.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "leaf" : 1,
- "path" : "/cluster/ha/resources/{sid}/migrate",
- "text" : "migrate"
- },
- {
- "info" : {
- "POST" : {
- "description" : "Request resource relocatzion to another node. This stops the service on the old node, and restarts it on the target node.",
- "method" : "POST",
- "name" : "relocate",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
+ "bwlimit" : {
+ "default" : 0,
+ "description" : "Limit I/O bandwidth (KBytes per second).",
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- }
- }
+ "compress" : {
+ "default" : "0",
+ "description" : "Compress dump file.",
+ "enum" : [
+ "0",
+ "1",
+ "gzip",
+ "lzo"
+ ],
+ "optional" : 1,
+ "type" : "string"
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
- "GET" : {
- "description" : "Read resource configuration.",
- "method" : "GET",
- "name" : "read",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- }
- }
+ "dow" : {
+ "description" : "Day of week selection.",
+ "format" : "pve-day-of-week-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
+ "dumpdir" : {
+ "description" : "Store resulting files to specified directory.",
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
- "optional" : 1,
- "type" : "string"
- },
- "max_relocate" : {
- "default" : 1,
- "description" : "Maximal number of service relocate tries when a service failes to start.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "max_restart" : {
- "default" : 1,
- "description" : "Maximal number of tries to restart the service on a node after its start failed.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- },
- "state" : {
- "default" : "enabled",
- "description" : "Resource state.",
- "enum" : [
- "enabled",
- "disabled"
- ],
- "optional" : 1,
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/ha/resources/{sid}",
- "text" : "{sid}"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "List HA resources.",
- "method" : "GET",
- "name" : "index",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "type" : {
- "description" : "Only list resources of specific type",
- "enum" : [
- "ct",
- "vm"
- ],
+ "enabled" : {
+ "default" : "1",
+ "description" : "Enable or disable the job.",
"optional" : 1,
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "items" : {
- "properties" : {
- "sid" : {
- "type" : "string"
- }
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{sid}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- },
- "POST" : {
- "description" : "Create a new HA resource.",
- "method" : "POST",
- "name" : "create",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
+ "exclude" : {
+ "description" : "Exclude specified guest systems (assumes --all)",
+ "format" : "pve-vmid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "exclude-path" : {
+ "description" : "Exclude certain files/directories (shell globs).",
+ "format" : "string-alist",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "max_relocate" : {
- "default" : 1,
- "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ionice" : {
+ "default" : 7,
+ "description" : "Set CFQ ionice priority.",
+ "maximum" : 8,
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - 8)"
},
- "max_restart" : {
- "default" : 1,
- "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "lockwait" : {
+ "default" : 180,
+ "description" : "Maximal time to wait for the global lock (minutes).",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
+ "typetext" : "<integer> (0 - N)"
},
- "state" : {
- "default" : "enabled",
- "description" : "Resource state.",
+ "mailnotification" : {
+ "default" : "always",
+ "description" : "Specify when to send an email",
"enum" : [
- "enabled",
- "disabled"
+ "always",
+ "failure"
],
"optional" : 1,
"type" : "string"
},
- "type" : {
- "description" : "Resource type.",
+ "mailto" : {
+ "description" : "Comma-separated list of email addresses that should receive email notifications.",
+ "format" : "string-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "maxfiles" : {
+ "default" : 1,
+ "description" : "Maximal number of backup files per guest system.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "mode" : {
+ "default" : "snapshot",
+ "description" : "Backup mode.",
"enum" : [
- "ct",
- "vm"
+ "snapshot",
+ "suspend",
+ "stop"
],
"optional" : 1,
"type" : "string"
- }
- },
- "type" : "object"
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/ha/resources",
- "text" : "resources"
- },
- {
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Delete ha group configuration.",
- "method" : "DELETE",
- "name" : "delete",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
},
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
- "GET" : {
- "description" : "Read ha group configuration.",
- "method" : "GET",
- "name" : "read",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
+ "node" : {
+ "description" : "Only run if executed on this node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
- "returns" : {}
- },
- "PUT" : {
- "description" : "Update ha group configuration.",
- "method" : "PUT",
- "name" : "update",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
- "type" : "string"
- },
- "nodes" : {
- "description" : "List of cluster node names with optional priority. We use priority '0' as default. The CRM tries to run services on the node with highest priority (also see option 'nofailback').",
- "format" : "pve-ha-group-node-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*"
- },
- "nofailback" : {
- "default" : 0,
- "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
- "optional" : 1,
- "type" : "boolean"
- },
- "restricted" : {
- "default" : 0,
- "description" : "Services on unrestricted groups may run on any cluster members if all group members are offline. But they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with one member.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
- "type" : "object"
+ "pigz" : {
+ "default" : 0,
+ "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
+ "quiet" : {
+ "default" : 0,
+ "description" : "Be quiet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/ha/groups/{group}",
- "text" : "{group}"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "Get HA groups.",
- "method" : "GET",
- "name" : "index",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "items" : {
- "properties" : {
- "group" : {
- "type" : "string"
- }
+ "remove" : {
+ "default" : 1,
+ "description" : "Remove old backup files if there are more than 'maxfiles' backup files.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{group}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- },
- "POST" : {
- "description" : "Create a new HA group.",
- "method" : "POST",
- "name" : "create",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
+ "script" : {
+ "description" : "Use specified hook script.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
- "type" : "string"
+ "size" : {
+ "default" : 1024,
+ "description" : "Unused, will be removed in a future release.",
+ "minimum" : 500,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (500 - N)"
},
- "nodes" : {
- "description" : "List of cluster node names with optional priority. We use priority '0' as default. The CRM tries to run services on the node with highest priority (also see option 'nofailback').",
- "format" : "pve-ha-group-node-list",
- "optional" : 0,
+ "starttime" : {
+ "description" : "Job Start time.",
+ "pattern" : "\\d{1,2}:\\d{1,2}",
"type" : "string",
- "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*"
+ "typetext" : "HH:MM"
},
- "nofailback" : {
- "default" : 0,
- "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "stdexcludes" : {
+ "default" : 1,
+ "description" : "Exclude temporary files and logs.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "restricted" : {
+ "stop" : {
"default" : 0,
- "description" : "Services on unrestricted groups may run on any cluster members if all group members are offline. But they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with one member.",
+ "description" : "Stop runnig backup jobs on this host.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "type" : {
- "description" : "Group type.",
- "enum" : [
- "group"
- ],
+ "stopwait" : {
+ "default" : 10,
+ "description" : "Maximal time to wait until a guest system is stopped (minutes).",
+ "minimum" : 0,
"optional" : 1,
- "type" : "string"
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "storage" : {
+ "description" : "Store resulting file to this storage.",
+ "format" : "pve-storage-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tmpdir" : {
+ "description" : "Store temporary files to specified directory.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The ID of the guest system you want to backup.",
- "description" : "Select the default Console viewer. You can either use the builtin java applet (VNC), an external virt-viewer comtatible application (SPICE), or an HTML5 based viewer (noVNC).",
+ "compress" : {
+ "default" : "0",
+ "description" : "Compress dump file.",
"enum" : [
- "applet",
- "vv",
- "html5"
+ "0",
+ "1",
+ "gzip",
+ "lzo"
],
"optional" : 1,
"type" : "string"
},
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
+ "dow" : {
+ "default" : "mon,tue,wed,thu,fri,sat,sun",
+ "description" : "Day of week selection.",
+ "format" : "pve-day-of-week-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "email_from" : {
- "description" : "Specify email address to send notification from (default is root@$hostname)",
- "format" : "email-opt",
+ "dumpdir" : {
+ "description" : "Store resulting files to specified directory.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "fencing" : {
- "default" : "watchdog",
- "description" : "Set the fencing mode of the HA cluster. Hardware mode needs a valid configuration of fence devices in /etc/pve/ha/fence.cfg. With both all two modes are used.\n\nWARNING: 'hardware' and 'both' are EXPERIMENTAL & WIP",
- "enum" : [
- "watchdog",
- "hardware",
- "both"
- ],
+ "enabled" : {
+ "default" : "1",
+ "description" : "Enable or disable the job.",
"optional" : 1,
- "type" : "string"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "http_proxy" : {
- "description" : "Specify external http proxy which is used for downloads (example: 'http://username:password@host:port/')",
+ "exclude" : {
+ "description" : "Exclude specified guest systems (assumes --all)",
+ "format" : "pve-vmid-list",
"optional" : 1,
- "pattern" : "http://.*",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "keyboard" : {
- "description" : "Default keybord layout for vnc server.",
+ "exclude-path" : {
+ "description" : "Exclude certain files/directories (shell globs).",
+ "format" : "string-alist",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ionice" : {
+ "default" : 7,
+ "description" : "Set CFQ ionice priority.",
+ "maximum" : 8,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 8)"
+ },
+ "lockwait" : {
+ "default" : 180,
+ "description" : "Maximal time to wait for the global lock (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "mailnotification" : {
+ "default" : "always",
+ "description" : "Specify when to send an email",
"enum" : [
- "de",
- "de-ch",
- "da",
- "en-gb",
- "en-us",
- "es",
- "fi",
- "fr",
- "fr-be",
- "fr-ca",
- "fr-ch",
- "hu",
- "is",
- "it",
- "ja",
- "lt",
- "mk",
- "nl",
- "no",
- "pl",
- "pt",
- "pt-br",
- "sv",
- "sl",
- "tr"
+ "always",
+ "failure"
],
"optional" : 1,
"type" : "string"
},
- "language" : {
- "description" : "Default GUI language.",
+ "mailto" : {
+ "description" : "Comma-separated list of email addresses that should receive email notifications.",
+ "format" : "string-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "maxfiles" : {
+ "default" : 1,
+ "description" : "Maximal number of backup files per guest system.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "mode" : {
+ "default" : "snapshot",
+ "description" : "Backup mode.",
"enum" : [
- "en",
- "de"
+ "snapshot",
+ "suspend",
+ "stop"
],
"optional" : 1,
"type" : "string"
},
- "mac_prefix" : {
- "description" : "Prefix for autogenerated MAC addresses.",
+ "node" : {
+ "description" : "Only run if executed on this node.",
+ "description" : "Request resource migration (online) to another node.",
+ "method" : "POST",
+ "name" : "migrate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/resources/{sid}/migrate",
+ "text" : "migrate"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "description" : "Request resource relocatzion to another node. This stops the service on the old node, and restarts it on the target node.",
+ "method" : "POST",
+ "name" : "relocate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "description" : "Read resource configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max_relocate" : {
+ "default" : 1,
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "max_restart" : {
+ "default" : 1,
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ },
+ "state" : {
+ "default" : "started",
+ "description" : "Requested resource state.",
+ "enum" : [
+ "started",
+ "stopped",
+ "enabled",
+ "disabled",
+ "ignored"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/resources/{sid}",
+ "text" : "{sid}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "List HA resources.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list resources of specific type",
+ "enum" : [
+ "ct",
+ "vm"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "sid" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{sid}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "description" : "Create a new HA resource.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max_relocate" : {
+ "default" : 1,
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "max_restart" : {
+ "default" : 1,
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ },
+ "state" : {
+ "default" : "started",
+ "description" : "Requested resource state.",
+ "enum" : [
+ "started",
+ "stopped",
+ "enabled",
+ "disabled",
+ "ignored"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ },
+ "type" : {
+ "description" : "Resource type.",
+ "enum" : [
+ "ct",
+ "vm"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/resources",
+ "text" : "resources"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "description" : "Delete ha group configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "description" : "Read ha group configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {}
+ },
+ "PUT" : {
+ "description" : "Update ha group configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names with optional priority.",
+ "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
+ },
+ "nofailback" : {
+ "default" : 0,
+ "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "restricted" : {
+ "default" : 0,
+ "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>",
+ "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/groups/{group}",
+ "text" : "{group}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "Get HA groups.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "group" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{group}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "description" : "Create a new HA group.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names with optional priority.",
+ "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
+ },
+ "nofailback" : {
+ "default" : 0,
+ "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "restricted" : {
+ "default" : 0,
+ "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>",
+ "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ },
+ "type" : {
+ "description" : "Group type.",
+ "enum" : [
+ "group"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/groups",
+ "text" : "groups"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "description" : "Get HA manger status.",
+ "method" : "GET",
+ "name" : "status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/status/current",
+ "text" : "current"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "description" : "Get full HA manger status, including LRM status.",
+ "method" : "GET",
+ "name" : "manager_status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/status/manager_status",
+ "text" : "manager_status"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/status",
+ "text" : "status"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha",
+ "text" : "ha"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "description" : "Deactivate existing ACME account at CA.",
+ "description" : "Select the default Console viewer. You can either use the builtin java applet (VNC; deprecated and maps to html5), an external virt-viewer comtatible application (SPICE), an HTML5 based vnc viewer (noVNC), or an HTML5 based console client (xtermjs). If the selected viewer is not available (e.g. SPICE not activated for the VM), the fallback is noVNC.",
+ "enum" : [
+ "applet",
+ "vv",
+ "html5",
+ "xtermjs"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "email_from" : {
+ "description" : "Specify email address to send notification from (default is root@$hostname)",
+ "format" : "email-opt",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "fencing" : {
+ "default" : "watchdog",
+ "description" : "Set the fencing mode of the HA cluster. Hardware mode needs a valid configuration of fence devices in /etc/pve/ha/fence.cfg. With both all two modes are used.\n\nWARNING: 'hardware' and 'both' are EXPERIMENTAL & WIP",
+ "enum" : [
+ "watchdog",
+ "hardware",
+ "both"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "http_proxy" : {
+ "description" : "Specify external http proxy which is used for downloads (example: 'http://username:password@host:port/')",
+ "optional" : 1,
+ "pattern" : "http://.*",
+ "type" : "string"
+ },
+ "keyboard" : {
+ "description" : "Default keybord layout for vnc server.",
+ "enum" : [
+ "de",
+ "de-ch",
+ "da",
+ "en-gb",
+ "en-us",
+ "es",
+ "fi",
+ "fr",
+ "fr-be",
+ "fr-ca",
+ "fr-ch",
+ "hu",
+ "is",
+ "it",
+ "ja",
+ "lt",
+ "mk",
+ "nl",
+ "no",
+ "pl",
+ "pt",
+ "pt-br",
+ "sv",
+ "sl",
+ "tr"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "language" : {
+ "description" : "Default GUI language.",
+ "enum" : [
+ "en",
+ "de"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mac_prefix" : {
+ "description" : "Prefix for autogenerated MAC addresses.",
+ "description" : "CIDR of the (sub) network that is used for migration.",
+ "format" : "CIDR",
+ "format_description" : "CIDR",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "default" : "secure",
+ "default_key" : 1,
+ "description" : "Migration traffic is encrypted using an SSH tunnel by default. On secure, completely private networks this can be disabled to increase performance.",
+ "description" : "Migration is secure using SSH tunnel by default. For secure private networks you can disable it to speed up migration. Deprecated, use the 'migration' property instead!",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/options",
+ "text" : "options"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "description" : "Get cluster status informations.",
+ "method" : "GET",
+ "name" : "get_status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/status",
+ "text" : "status"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "description" : "Get next free VMID. If you pass an VMID it will raise an error if the ID is already used.",
+ "method" : "GET",
+ "name" : "nextid",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "The next free VMID.",
+ "type" : "integer"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/nextid",
+ "text" : "nextid"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "description" : "Cluster index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster",
+ "text" : "cluster"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "description" : "Delete rule.",
+ "method" : "DELETE",
+ "name" : "delete_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Config.Network"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "description" : "Get single rule data.",
+ "method" : "GET",
+ "name" : "get_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "proxyto" : null,
+ "returns" : {
+ "properties" : {
+ "pos" : {
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "description" : "Modify rule data.",
+ "method" : "PUT",
+ "name" : "update_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "moveto" : {
+ "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Enable default IP filters. This is equivalent to adding an empty ipfilter-net<id> ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "log_level_in" : {
+ "description" : "Log level for incoming traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "log_level_out" : {
+ "description" : "Log level for outgoing traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macfilter" : {
+ "description" : "Enable/disable MAC address filter.",
+ "description" : "Enable default IP filters. This is equivalent to adding an empty ipfilter-net<id> ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "log_level_in" : {
+ "description" : "Log level for incoming traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "log_level_out" : {
+ "description" : "Log level for outgoing traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macfilter" : {
+ "description" : "Enable/disable MAC address filter.",
+ "description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
+ "method" : "GET",
+ "name" : "refs",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Only list references of specified type.",
+ "enum" : [
+ "alias",
+ "ipset"
+ ],
+ "optional" : 1,
+ "type" : "string"
},
- "proxyto" : null,
- "returns" : {
- "properties" : {
- "pos" : {
- "type" : "integer"
- }
- },
- "type" : "object"
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
}
- },
- "PUT" : {
- "description" : "Modify rule data.",
- "method" : "PUT",
- "name" : "update_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string"
- },
- "enable" : {
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string"
- },
- "macro" : {
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string"
- },
- "moveto" : {
- "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string"
- },
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string"
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
},
- "enable" : {
- "minimum" : 0,
- "optional" : 1,
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string"
- },
- "macro" : {
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string"
- },
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Monitor"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "Returns an object with a single `result` property.",
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string"
- },
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
- "type" : "string"
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Monitor"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "Returns an object with a single `result` property.",
- "description" : "Enable default IP filters. This is equivalent to adding an empty ipfilter-net<id> ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.",
- "optional" : 1,
- "type" : "boolean"
- },
- "log_level_in" : {
- "description" : "Log level for incoming traffic.",
- "enum" : [
- "emerg",
- "alert",
- "crit",
- "err",
- "warning",
- "notice",
- "info",
- "debug",
- "nolog"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "log_level_out" : {
- "description" : "Log level for outgoing traffic.",
- "enum" : [
- "emerg",
- "alert",
- "crit",
- "err",
- "warning",
- "notice",
- "info",
- "debug",
- "nolog"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "macfilter" : {
- "description" : "Enable/disable MAC address filter.",
- "description" : "Enable default IP filters. This is equivalent to adding an empty ipfilter-net<id> ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.",
- "optional" : 1,
- "type" : "boolean"
- },
- "log_level_in" : {
- "description" : "Log level for incoming traffic.",
- "enum" : [
- "emerg",
- "alert",
- "crit",
- "err",
- "warning",
- "notice",
- "info",
- "debug",
- "nolog"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "log_level_out" : {
- "description" : "Log level for outgoing traffic.",
- "enum" : [
- "emerg",
- "alert",
- "crit",
- "err",
- "warning",
- "notice",
- "info",
- "debug",
- "nolog"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "macfilter" : {
- "description" : "Enable/disable MAC address filter.",
"description" : "This is an alias for option -ide2",
- "format" : "pve-qm-drive",
+ "format" : "pve-qm-ide",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<volume>"
+ },
+ "cipassword" : {
+ "description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "citype" : {
+ "description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
+ "enum" : [
+ "configdrive2",
+ "nocloud"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ciuser" : {
+ "description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
+ "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl'.",
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1000,
+ "default" : 1024,
"description" : "CPU weight for a VM.",
- "maximum" : 500000,
- "minimum" : 0,
+ "maximum" : 262144,
+ "minimum" : 2,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0-500000)",
- "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0."
+ "typetext" : "<integer> (2 - 262144)",
+ "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"description" : {
"description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"force" : {
"description" : "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.",
"optional" : 1,
"requires" : "delete",
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"freeze" : {
"description" : "Freeze CPU at startup (use 'c' monitor command to start execution).",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.",
+ "default" : null,
+ "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.It should not be necessary to set it.",
"description" : "Set a name for the VM. Only used on the configuration web interface.",
"format" : "dns-name",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nameserver" : {
+ "description" : "cloud-init: Sets DNS server IP address for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "Whether the drive should considered for replication jobs.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "rerror" : {
+ "description" : "Read error action.",
+ "enum" : [
+ "ignore",
+ "report",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "scsiblock" : {
+ "default" : 0,
+ "description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Sets DNS search domains for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"serial[n]" : {
"description" : "Create a serial device inside the VM (n is 0 to 3)",
"description" : "Enable/disable the USB tablet device.",
"optional" : 1,
"type" : "boolean",
+ "typetext" : "<boolean>",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
"tdf" : {
"default" : 0,
"description" : "Enable/disable time drift fix.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
"format" : "pve-volume-id",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
"verbose_description" : "Create a virtual hardware watchdog device. Once enabled (by a guest action), the watchdog must be periodically polled by an agent inside the guest or else the watchdog will reset the guest (or execute the respective action specified)"
"description" : "This is an alias for option -ide2",
- "format" : "pve-qm-drive",
+ "format" : "pve-qm-ide",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<volume>"
+ },
+ "cipassword" : {
+ "description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "citype" : {
+ "description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
+ "enum" : [
+ "configdrive2",
+ "nocloud"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ciuser" : {
+ "description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
+ "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl'.",
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1000,
+ "default" : 1024,
"description" : "CPU weight for a VM.",
- "maximum" : 500000,
- "minimum" : 0,
+ "maximum" : 262144,
+ "minimum" : 2,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0-500000)",
- "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0."
+ "typetext" : "<integer> (2 - 262144)",
+ "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"description" : {
"description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"force" : {
"description" : "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.",
"optional" : 1,
"requires" : "delete",
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"freeze" : {
"description" : "Freeze CPU at startup (use 'c' monitor command to start execution).",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.",
+ "default" : null,
+ "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.It should not be necessary to set it.",
"description" : "Set a name for the VM. Only used on the configuration web interface.",
"format" : "dns-name",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nameserver" : {
+ "description" : "cloud-init: Sets DNS server IP address for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "Whether the drive should considered for replication jobs.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "rerror" : {
+ "description" : "Read error action.",
+ "enum" : [
+ "ignore",
+ "report",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "scsiblock" : {
+ "default" : 0,
+ "description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Sets DNS search domains for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"serial[n]" : {
"description" : "Create a serial device inside the VM (n is 0 to 3)",
"description" : "Enable/disable the USB tablet device.",
"optional" : 1,
"type" : "boolean",
+ "typetext" : "<boolean>",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
"tdf" : {
"default" : 0,
"description" : "Enable/disable time drift fix.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
"format" : "pve-volume-id",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
"verbose_description" : "Create a virtual hardware watchdog device. Once enabled (by a guest action), the watchdog must be periodically polled by an agent inside the guest or else the watchdog will reset the guest (or execute the respective action specified)"
"description" : "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"idlist" : {
"description" : "A list of disk IDs you want to delete.",
"description" : "SPICE proxy server. This can be used by the client to specify the proxy server. All nodes in a cluster runs 'spiceproxy', so it is up to the client to choose one. By default, we return the node where the VM is currently running. As resonable setting is to use same node you use to connect to the API (This is window.location.hostname for the JS GUI).",
+ "description" : "CIDR of the (sub) network that is used for migration.",
+ "format" : "CIDR",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "migration_type" : {
+ "description" : "Migration traffic is encrypted using an SSH tunnel by default. On secure, completely private networks this can be disabled to increase performance.",
+ "enum" : [
+ "secure",
+ "insecure"
+ ],
+ "optional" : 1,
"type" : "string"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"skiplock" : {
"description" : "Ignore locks - only root is allowed to use this option.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"stateuri" : {
"description" : "Some command save/restore state from this location.",
"maxLength" : 128,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "targetstorage" : {
+ "description" : "Target storage for the migration. (Can be '1' to use the same storage id as on the source node.)",
- "description" : "Target format for file storage.",
+ "description" : "Target format for file storage. Only valid for full clone.",
"enum" : [
"raw",
"qcow2",
"vmdk"
],
"optional" : 1,
- "requires" : "full",
"type" : "string"
},
"full" : {
- "default" : 0,
- "description" : "Create a full copy of all disk. This is always done when you clone a normal VM. For VM templates, we try to create a linked clone by default.",
+ "description" : "Create a full copy of all disks. This is always done when you clone a normal VM. For VM templates, we try to create a linked clone by default.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"name" : {
"description" : "Set a name for the new VM.",
"format" : "dns-name",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"newid" : {
"description" : "VMID for the clone.",
"format" : "pve-vmid",
"minimum" : 1,
"type" : "integer",
- "typetext" : "integer (1- N)"
+ "typetext" : "<integer> (1 - N)"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pool" : {
"description" : "Add the new VM to the specified pool.",
"format" : "pve-poolid",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"snapname" : {
"description" : "The name of the snapshot.",
"format" : "pve-configid",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"storage" : {
"description" : "Target storage for full clone.",
"format" : "pve-storage-id",
"optional" : 1,
- "requires" : "full",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"target" : {
"description" : "Target node. Only allowed if the original VM is on shared storage.",
"description" : "Allow to migrate VMs which use local devices. Only root may use this option.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "migration_network" : {
+ "description" : "CIDR of the (sub) network that is used for migration.",
+ "format" : "CIDR",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "migration_type" : {
+ "description" : "Migration traffic is encrypted using an SSH tunnel by default. On secure, completely private networks this can be disabled to increase performance.",
+ "enum" : [
+ "secure",
+ "insecure"
+ ],
+ "optional" : 1,
+ "type" : "string"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"online" : {
"description" : "Use online/live migration.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"target" : {
"description" : "Target node.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "targetstorage" : {
+ "description" : "Default target storage.",
+ "format" : "pve-storage-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
"minimum" : 1,
"type" : "integer",
- "typetext" : "integer (1- N)"
+ "typetext" : "<integer> (1 - N)"
+ },
+ "with-local-disks" : {
+ "description" : "Enable live storage migration for local disk",
- "description" : "The new size. With the '+' sign the value is added to the actual size of the volume and without it, the value is taken as an absolute one. Shrinking disk size is not supported.",
+ "description" : "The new size. With the `+` sign the value is added to the actual size of the volume and without it, the value is taken as an absolute one. Shrinking disk size is not supported.",
"pattern" : "\\+?\\d+(\\.\\d+)?[KMGT]?",
"type" : "string"
},
"skiplock" : {
"description" : "Ignore locks - only root is allowed to use this option.",
+ "description" : "Override i/o bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"cdrom" : {
"description" : "This is an alias for option -ide2",
- "format" : "pve-qm-drive",
+ "format" : "pve-qm-ide",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<volume>"
+ },
+ "cipassword" : {
+ "description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "citype" : {
+ "description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
+ "enum" : [
+ "configdrive2",
+ "nocloud"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ciuser" : {
+ "description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
+ "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl'.",
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1000,
+ "default" : 1024,
"description" : "CPU weight for a VM.",
- "maximum" : 500000,
- "minimum" : 0,
+ "maximum" : 262144,
+ "minimum" : 2,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0-500000)",
- "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0."
+ "typetext" : "<integer> (2 - 262144)",
+ "verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"description" : {
"description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"force" : {
"description" : "Allow to overwrite existing VM.",
"optional" : 1,
"requires" : "archive",
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"freeze" : {
"description" : "Freeze CPU at startup (use 'c' monitor command to start execution).",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
"description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.",
+ "default" : null,
+ "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.conf' configuration file.It should not be necessary to set it.",
"description" : "Set a name for the VM. Only used on the configuration web interface.",
"format" : "dns-name",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nameserver" : {
+ "description" : "cloud-init: Sets DNS server IP address for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "Whether the drive should considered for replication jobs.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "rerror" : {
+ "description" : "Read error action.",
+ "enum" : [
+ "ignore",
+ "report",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "scsiblock" : {
+ "default" : 0,
+ "description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
+ "description" : "cloud-init: Sets DNS search domains for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"serial[n]" : {
"description" : "Create a serial device inside the VM (n is 0 to 3)",
"description" : "Enable/disable the USB tablet device.",
"optional" : 1,
"type" : "boolean",
+ "typetext" : "<boolean>",
"verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
},
"tdf" : {
"default" : 0,
"description" : "Enable/disable time drift fix.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"unique" : {
"description" : "Assign a unique random ethernet address.",
"optional" : 1,
"requires" : "archive",
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
"format" : "pve-volume-id",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Mark this locally-managed volume as available on all nodes",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this locally-managed volume as available on all nodes.\n\nWARNING: This option does not share the volume automatically, it assumes it is shared already!"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
- "description" : "Whether the drive should be included when making snapshots.",
+ "description" : "Controls qemu's snapshot mode feature. If activated, changes made to the disk are temporary and will be discarded when the VM is shutdown.",
"verbose_description" : "Create a virtual hardware watchdog device. Once enabled (by a guest action), the watchdog must be periodically polled by an agent inside the guest or else the watchdog will reset the guest (or execute the respective action specified)"
- "description" : "Whether to include the mountpoint in backups.",
+ "description" : "Whether to include the mountpoint in backups.",
"optional" : 1,
"type" : "boolean",
- "verbose_description" : "Whether to include the mountpoint in backups (only used for volume mountpoints)."
+ "verbose_description" : "Whether to include the mount point in backups (only used for volume mount points)."
},
"mp" : {
- "description" : "Path to the mountpoint as seen from inside the container (must not contain symlinks).",
+ "description" : "Path to the mountpoint as seen from inside the container (must not contain symlinks).",
"format" : "pve-lxc-mp-string",
"format_description" : "Path",
"type" : "string",
- "verbose_description" : "Path to the mountpoint as seen from inside the container.\n\nNOTE: Must not contain any symlinks for security reasons."
+ "verbose_description" : "Path to the mountpoint as seen from inside the container.\n\nNOTE: Must not contain any symlinks for security reasons."
},
"quota" : {
"description" : "Enable user quotas inside the container (not supported with zfs subvolumes)",
"optional" : 1,
"type" : "boolean"
},
+ "replicate" : {
+ "default" : 1,
+ "description" : "Will include this volume to a storage replica job.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ro" : {
- "description" : "Read-only mountpoint",
+ "description" : "Read-only mountpoint",
"optional" : 1,
"type" : "boolean"
},
+ "shared" : {
+ "default" : 0,
+ "description" : "Mark this non-volume mount point as available on multiple nodes (see 'nodes')",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!"
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"format" : "address-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"net[n]" : {
"description" : "Specifies network interfaces for the container.",
"description" : "Specifies whether a VM will be started during system bootup.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"ostype" : {
"description" : "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
+ "description" : "Will include this volume to a storage replica job.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ro" : {
- "description" : "Read-only mountpoint",
+ "description" : "Read-only mountpoint",
"optional" : 1,
"type" : "boolean"
},
+ "shared" : {
+ "default" : 0,
+ "description" : "Mark this non-volume mount point as available on multiple nodes (see 'nodes')",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!"
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"format" : "dns-name-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"startup" : {
"description" : "Startup and shutdown behavior. Order is a non-negative number defining the general startup order. Shutdown in done with reverse ordering. Additionally you can set the 'up' or 'down' delay in seconds, which specifies a delay to wait before the next VM is started or stopped.",
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dport" : {
"description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"format" : "pve-fw-dport-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"enable" : {
+ "description" : "Flag to enable/disable a rule.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "description" : "Use predefined standard macro.",
"maxLength" : 128,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"moveto" : {
"description" : "Move rule to new position <moveto>. Other arguments are ignored.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pos" : {
"description" : "Update rule at position <pos>.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"proto" : {
"description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
"format" : "pve-fw-protocol-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"sport" : {
"description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dport" : {
"description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"format" : "pve-fw-dport-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"enable" : {
+ "description" : "Flag to enable/disable a rule.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "description" : "Use predefined standard macro.",
"maxLength" : 128,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pos" : {
"description" : "Update rule at position <pos>.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"proto" : {
"description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
"format" : "pve-fw-protocol-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"sport" : {
"description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dhcp" : {
"description" : "Enable DHCP.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"enable" : {
"description" : "Enable/disable firewall rules.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"ipfilter" : {
"description" : "Enable default IP filters. This is equivalent to adding an empty ipfilter-net<id> ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"log_level_in" : {
"description" : "Log level for incoming traffic.",
"description" : "SPICE proxy server. This can be used by the client to specify the proxy server. All nodes in a cluster runs 'spiceproxy', so it is up to the client to choose one. By default, we return the node where the VM is currently running. As resonable setting is to use same node you use to connect to the API (This is window.location.hostname for the JS GUI).",
- "description" : "Force migration despite local bind / device mounts. WARNING: identical bind / device mounts need to be available on the target node.",
+ "description" : "Force migration despite local bind / device mounts. NOTE: deprecated, use 'shared' property of mount point instead.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"online" : {
"description" : "Use online/live migration.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "restart" : {
+ "description" : "Use restart migration",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"target" : {
"description" : "Target node.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "timeout" : {
+ "default" : 180,
+ "description" : "Timeout in seconds for shutdown for restart migration",
- "description" : "The clone feature is experimental, set this flag if you know what you are doing.",
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
"full" : {
- "default" : 0,
- "description" : "Create a full copy of all disk. This is always done when you clone a normal CT. For CT templates, we try to create a linked clone by default.",
+ "description" : "Create a full copy of all disks. This is always done when you clone a normal CT. For CT templates, we try to create a linked clone by default.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"hostname" : {
"description" : "Set a hostname for the new CT.",
"format" : "dns-name",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"newid" : {
"description" : "VMID for the clone.",
"format" : "pve-vmid",
"minimum" : 1,
"type" : "integer",
- "typetext" : "integer (1- N)"
+ "typetext" : "<integer> (1 - N)"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pool" : {
"description" : "Add the new CT to the specified pool.",
"format" : "pve-poolid",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"snapname" : {
"description" : "The name of the snapshot.",
"format" : "pve-configid",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"storage" : {
"description" : "Target storage for full clone.",
"format" : "pve-storage-id",
"optional" : 1,
- "requires" : "full",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "Target node. Only allowed if the original VM is on shared storage.",
"description" : "The new size. With the '+' sign the value is added to the actual size of the volume and without it, the value is taken as an absolute one. Shrinking disk size is not supported.",
+ "description" : "Override i/o bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (0 - N)"
+ },
"cmode" : {
"default" : "tty",
"description" : "Console mode. By default, the console command tries to open a connection to one of the available tty devices. By setting cmode to 'console' it tries to attach to /dev/console instead. If you set cmode to 'shell', it simply invokes a shell inside the container (no login).",
- "description" : "Whether to include the mountpoint in backups.",
+ "description" : "Whether to include the mountpoint in backups.",
"optional" : 1,
"type" : "boolean",
- "verbose_description" : "Whether to include the mountpoint in backups (only used for volume mountpoints)."
+ "verbose_description" : "Whether to include the mount point in backups (only used for volume mount points)."
},
"mp" : {
- "description" : "Path to the mountpoint as seen from inside the container (must not contain symlinks).",
+ "description" : "Path to the mountpoint as seen from inside the container (must not contain symlinks).",
"format" : "pve-lxc-mp-string",
"format_description" : "Path",
"type" : "string",
- "verbose_description" : "Path to the mountpoint as seen from inside the container.\n\nNOTE: Must not contain any symlinks for security reasons."
+ "verbose_description" : "Path to the mountpoint as seen from inside the container.\n\nNOTE: Must not contain any symlinks for security reasons."
},
"quota" : {
"description" : "Enable user quotas inside the container (not supported with zfs subvolumes)",
"optional" : 1,
"type" : "boolean"
},
+ "replicate" : {
+ "default" : 1,
+ "description" : "Will include this volume to a storage replica job.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ro" : {
- "description" : "Read-only mountpoint",
+ "description" : "Read-only mountpoint",
"optional" : 1,
"type" : "boolean"
},
+ "shared" : {
+ "default" : 0,
+ "description" : "Mark this non-volume mount point as available on multiple nodes (see 'nodes')",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!"
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"format" : "address-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"net[n]" : {
"description" : "Specifies network interfaces for the container.",
"description" : "Specifies whether a VM will be started during system bootup.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"ostemplate" : {
"description" : "The OS template or backup file.",
"maxLength" : 255,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"ostype" : {
"description" : "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
+ "description" : "Will include this volume to a storage replica job.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ro" : {
- "description" : "Read-only mountpoint",
+ "description" : "Read-only mountpoint",
"optional" : 1,
"type" : "boolean"
},
+ "shared" : {
+ "default" : 0,
+ "description" : "Mark this non-volume mount point as available on multiple nodes (see 'nodes')",
+ "optional" : 1,
+ "type" : "boolean",
+ "verbose_description" : "Mark this non-volume mount point as available on all nodes.\n\nWARNING: This option does not share the mount point automatically, it assumes it is shared already!"
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"format" : "dns-name-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"ssh-public-keys" : {
"description" : "Setup public SSH keys (one key per line, OpenSSH format).",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"startup" : {
"description" : "Startup and shutdown behavior. Order is a non-negative number defining the general startup order. Shutdown in done with reverse ordering. Additionally you can set the 'up' or 'down' delay in seconds, which specifies a delay to wait before the next VM is started or stopped.",
+ "description" : "Disable cephx authentification.\n\nWARNING: cephx is a security feature protecting against man-in-the-middle attacks. Only consider disabling cephx if your network is private!",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "min_size" : {
+ "default" : 2,
+ "description" : "Minimum number of available replicas per object to allow I/O",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 7)"
+ },
"network" : {
"description" : "Use specific network for all ceph related traffic",
"description" : "Store resulting file to this storage.",
"format" : "pve-storage-id",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"tmpdir" : {
"description" : "Store temporary files to specified directory.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"vmid" : {
"description" : "The ID of the guest system you want to backup.",
"format" : "pve-vmid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
- "description" : "The user needs 'VM.Backup' permissions on any VM, and 'Datastore.AllocateSpace' on the backup storage.",
+ "description" : "The user needs 'VM.Backup' permissions on any VM, and 'Datastore.AllocateSpace' on the backup storage. The 'maxfiles', 'tmpdir', 'dumpdir', 'script', 'bwlimit' and 'ionice' parameters are restricted to the 'root@pam' user.",
+ "description" : "Upload templates and ISO images.",
+ "method" : "POST",
+ "name" : "upload",
+ "parameters" : {
+ "additionalProperties" : 0,
"properties" : {
+ "content" : {
+ "description" : "Content type.",
+ "format" : "pve-storage-content",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"filename" : {
- "type" : "string"
+ "description" : "The name of the file to create.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tmpfilename" : {
+ "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trustet port on localhost.",
+ "description" : "Get status for all datastores.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "content" : {
+ "description" : "Only list stores which support this content type.",
+ "format" : "pve-storage-content-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enabled" : {
+ "default" : 0,
+ "description" : "Only list stores which are enabled (not disabled in config).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "format" : {
+ "default" : 0,
+ "description" : "Include information about formats",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "Only list status for specified storage",
+ "format" : "pve-storage-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "If target is different to 'node', we only lists shared storages which content is accessible on this 'node' and the specified 'target' node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions on '/storage/<storage>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "storage" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{storage}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/storage",
+ "text" : "storage"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "description" : "List local disks.",
+ "method" : "GET",
+ "name" : "list",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
- "leaf" : 1,
- "path" : "/nodes/{node}/storage/{storage}/rrd",
- "text" : "rrd"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Read storage RRD statistics.",
- "method" : "GET",
- "name" : "rrddata",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "cf" : {
- "description" : "The RRD consolidation function",
- "enum" : [
- "AVERAGE",
- "MAX"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "storage" : {
- "description" : "The storage identifier.",
- "format" : "pve-storage-id",
- "type" : "string"
- },
- "timeframe" : {
- "description" : "Specify the time frame you are interested in.",
- "enum" : [
- "hour",
- "day",
- "week",
- "month",
- "year"
- ],
- "type" : "string"
- }
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "devpath" : {
+ "description" : "The device path",
+ "type" : "string"
+ },
+ "gpt" : {
+ "type" : "boolean"
+ },
+ "health" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "model" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "osdid" : {
+ "type" : "integer"
+ },
+ "serial" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "size" : {
+ "type" : "integer"
+ },
+ "used" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vendor" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "wwn" : {
+ "optional" : 1,
+ "type" : "string"
}
},
- "permissions" : {
- "check" : [
- "perm",
- "/storage/{storage}",
- [
- "Datastore.Audit",
- "Datastore.AllocateSpace"
- ],
- "any",
- 1
- ]
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/disks/list",
+ "text" : "list"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "description" : "Get SMART Health of a disk.",
+ "method" : "GET",
+ "name" : "smart",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "disk" : {
+ "description" : "Block device name",
+ "pattern" : "^/dev/[a-zA-Z0-9\\/]+$",
+ "type" : "string"
},
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "items" : {
- "properties" : {},
- "type" : "object"
- },
- "type" : "array"
+ "healthonly" : {
+ "description" : "If true returns only the health status",
- "description" : "Upload templates and ISO images.",
- "method" : "POST",
- "name" : "upload",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "content" : {
- "description" : "Content type.",
- "format" : "pve-storage-content",
- "type" : "string"
- },
- "filename" : {
- "description" : "The name of the file to create.",
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "storage" : {
- "description" : "The storage identifier.",
- "format" : "pve-storage-id",
- "type" : "string"
- },
- "tmpfilename" : {
- "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trustet port on localhost.",
- "description" : "Get status for all datastores.",
+ "description" : "Node index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "content" : {
- "description" : "Only list stores which support this content type.",
- "format" : "pve-storage-content-list",
- "optional" : 1,
- "type" : "string"
- },
- "enabled" : {
- "default" : 0,
- "description" : "Only list stores which are enabled (not disabled in config).",
- "optional" : 1,
- "type" : "boolean"
- },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
- },
- "storage" : {
- "description" : "Only list status for specified storage",
- "format" : "pve-storage-id",
- "optional" : 1,
- "type" : "string"
- },
- "target" : {
- "description" : "If target is different to 'node', we only lists shared storages which content is accessible on this 'node' and the specified 'target' node.",
- "format" : "pve-node",
- "optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
- "description" : "Only list entries where you have 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions on '/storage/<storage>'",
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"dport" : {
"description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
"format" : "pve-fw-dport-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"enable" : {
+ "description" : "Flag to enable/disable a rule.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "description" : "Use predefined standard macro.",
"maxLength" : 128,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"moveto" : {
"description" : "Move rule to new position <moveto>. Other arguments are ignored.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pos" : {
"description" : "Update rule at position <pos>.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"proto" : {
"description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
"format" : "pve-fw-protocol-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"sport" : {
"description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "enable" : {
+ "description" : "Enable host firewall rules.",
+ "optional" : 1,
+ "type" : "boolean"
},
- "comment" : {
+ "log_level_in" : {
+ "description" : "Log level for incoming traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "log_level_out" : {
+ "description" : "Log level for outgoing traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "ndp" : {
+ "description" : "Enable NDP.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "nf_conntrack_max" : {
+ "description" : "Maximum number of tracked connections.",
+ "minimum" : 32768,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nf_conntrack_tcp_timeout_established" : {
+ "description" : "Conntrack established timeout.",
+ "minimum" : 7875,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nosmurfs" : {
+ "description" : "Enable SMURFS filter.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "smurf_log_level" : {
+ "description" : "Log level for SMURFS filter.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
+ "tcp_flags_log_level" : {
+ "description" : "Log level for illegal tcp flags filter.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
+ "tcpflags" : {
+ "description" : "Filter illegal combinations of TCP flags.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "description" : "Set Firewall options.",
+ "method" : "PUT",
+ "name" : "set_options",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"enable" : {
- "minimum" : 0,
+ "description" : "Enable host firewall rules.",
"optional" : 1,
- "type" : "integer",
- "typetext" : "integer (0- N)"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
+ "log_level_in" : {
+ "description" : "Log level for incoming traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "macro" : {
- "maxLength" : 128,
+ "log_level_out" : {
+ "description" : "Log level for outgoing traffic.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
+ "ndp" : {
+ "description" : "Enable NDP.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
+ "nf_conntrack_max" : {
+ "description" : "Maximum number of tracked connections.",
+ "minimum" : 32768,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (32768 - N)"
},
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
+ "nf_conntrack_tcp_timeout_established" : {
+ "description" : "Conntrack established timeout.",
+ "minimum" : 7875,
"optional" : 1,
- "type" : "string"
+ "type" : "integer",
+ "typetext" : "<integer> (7875 - N)"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nosmurfs" : {
+ "description" : "Enable SMURFS filter.",
"optional" : 1,
- "type" : "string"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
+ "smurf_log_level" : {
+ "description" : "Log level for SMURFS filter.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
"optional" : 1,
"type" : "string"
},
- "type" : {
+ "tcp_flags_log_level" : {
+ "description" : "Log level for illegal tcp flags filter.",
"enum" : [
- "in",
- "out",
- "group"
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
],
- "optional" : 0,
+ "optional" : 1,
"type" : "string"
+ },
+ "tcpflags" : {
+ "description" : "Filter illegal combinations of TCP flags.",
"description" : "SPICE proxy server. This can be used by the client to specify the proxy server. All nodes in a cluster runs 'spiceproxy', so it is up to the client to choose one. By default, we return the node where the VM is currently running. As resonable setting is to use same node you use to connect to the API (This is window.location.hostname for the JS GUI).",
"format" : "address",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"upgrade" : {
"default" : 0,
"description" : "Run 'apt-get dist-upgrade' instead of normal shell.",
"description" : "Allowed content types.\n\nNOTE: the value 'rootdir' is used for Containers, and value 'images' for VMs.\n",
"format" : "pve-storage-content-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"maxLength" : 4096,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"disable" : {
"description" : "Flag to disable the storage.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "domain" : {
+ "description" : "CIFS domain.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "is_mountpoint" : {
+ "default" : "no",
+ "description" : "Assume the given path is an externally managed mountpoint and consider the storage offline if it is not mounted. Using a boolean (yes/no) value serves as a shortcut to using the target path in this field.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"krbd" : {
"description" : "Access rbd through krbd kernel module.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"maxfiles" : {
"description" : "Maximal number of backup files per VM. Use '0' for unlimted.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"mkdir" : {
"default" : "yes",
"description" : "Create the directory if it doesn't exist.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "monhost" : {
+ "description" : "IP addresses of monitors (for external clusters).",
+ "format" : "pve-storage-portal-dns-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"nodes" : {
"description" : "List of cluster node names.",
"format" : "pve-node-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"nowritecache" : {
"description" : "disable write caching on the target",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"options" : {
"description" : "NFS mount options (see 'man nfs')",
"description" : "Allowed content types.\n\nNOTE: the value 'rootdir' is used for Containers, and value 'images' for VMs.\n",
"format" : "pve-storage-content-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"disable" : {
"description" : "Flag to disable the storage.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "domain" : {
+ "description" : "CIFS domain.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"export" : {
"description" : "NFS export path.",
"format" : "pve-storage-path",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "is_mountpoint" : {
+ "default" : "no",
+ "description" : "Assume the given path is an externally managed mountpoint and consider the storage offline if it is not mounted. Using a boolean (yes/no) value serves as a shortcut to using the target path in this field.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"iscsiprovider" : {
"description" : "iscsi provider",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"krbd" : {
"description" : "Access rbd through krbd kernel module.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"maxfiles" : {
"description" : "Maximal number of backup files per VM. Use '0' for unlimted.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "integer (0- N)"
+ "typetext" : "<integer> (0 - N)"
},
"mkdir" : {
"default" : "yes",
"description" : "Create the directory if it doesn't exist.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"monhost" : {
- "description" : "Monitors daemon ips.",
+ "description" : "IP addresses of monitors (for external clusters).",
"format" : "pve-storage-portal-dns-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"nodes" : {
"description" : "List of cluster node names.",
"format" : "pve-node-list",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"nowritecache" : {
"description" : "disable write caching on the target",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"options" : {
"description" : "NFS mount options (see 'man nfs')",
"format" : "pve-storage-options",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "password" : {
+ "description" : "Password for CIFS share.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"path" : {
"description" : "File system path.",
"format" : "pve-storage-path",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"pool" : {
"description" : "Pool.",
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"portal" : {
"description" : "iSCSI portal (IP or DNS name with optional port).",